#Forensics
Showing 60 of 189 repositories tagged #forensics, ranked by stars
Hunt down social media accounts by username across social networks
π A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
UNIX-like reverse engineering framework and command-line toolset
Prowler is the worldβs most widely used open-source cloud security platform that automates security and compliance across any cloud environment.
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Free Security and Hacking eBooks
Volatility 3.0 development
Awesome hacking is an awesome collection of hacking tools.
Rapidly Search and Hunt through Windows Forensic Artefacts
Collaborative forensic timeline analysis
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
Hayabusa (ιΌ) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Free hands-on digital forensics labs for students and faculty
π΅οΈ OSINT Tools for gathering information and actions forensics π΅οΈ
Hacker tools on Go (Golang)
Educational, CTF-styled labs for individuals interested in Memory Forensics
:snowflake: PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
Interactively find and recover deleted or :point_right: overwritten :point_left: files from your terminal
UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of Unix-like systems, including AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris.
Process-aware, eBPF-based tcpdump
a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM
Tracking history of USB events on GNU/Linux
Avilla Forensics FREE
Security Apps for Android
A curated list of tools officially presented at Black Hat events
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
Automation and Scaling of Digital Forensics Tools
Practical Windows Forensics Training
operative framework is a rust investigation OSINT framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.
SIEM Tactics, Techiques, and Procedures
Documentation and scripts to properly enable Windows event logs.
OSINT Swiss Army Knife
:no_entry: (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
Comprehensive 2026 OSINT guide β 450+ tools, AI intelligence, methodologies & ethics across 35 sections for investigation & threat intel.
select * from logs; Tailpipe is an open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, right from your terminal.
A tool to help forensicate offline docker acquisitions
A curated list of awesome Memory Forensics for DFIR
SIFT
The ultimate steganography and digital forensics toolkit. Hide and extract data across images, audio, video, documents, and network packets, or run 11 advanced detection engines to uncover hidden payloads.
swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.
An OSINT / digital forensics tool built in Python
Volatility plugin for extracts configuration data of known malware
A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
ι’εε°η½η¨ζ·η CTF / ιε Skills ζ΄εε οΌθͺε¨εζ΅γ倴θι£ζ΄γζε¦ζ¨‘εΌγζ―θ΅ζ¨‘εΌγεͺζ瀺樑εΌ
A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
A Linux packet crafting tool.
A list of 350+ free TryHackMe roomsπ» to kick off your cybersecurity learning, organized by topics for easy exploration and practical skill-building !ππ₯
This repository contains a list of the most popular and widely used tools in web3 security. If you find any tools missing, you can create a pull request and be a contribute the project.
Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers
Robot Hacking Manual (RHM). From robotics to cybersecurity. Papers, notes and writeups from a journey into robot cybersecurity.
Detects process injection and memory manipulation used by malware. Finds RWX regions, shellcode patterns, API hooks, thread hijacking, and process hollowing. Built in Rust for speed. Includes CLI and TUI interfaces.
List of tools and commands that may be helpful in CTFs
CLI tools for forensic investigation of Windows artifacts
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Network Forensics CLI utility that performs Network Scanning, OSINT, and Attack Detection
With EmailAnalyzer you can analyze your suspicious emails. You can extract headers, links, and hashes from the .eml file and you can generate reports.
Useful CTF Tools
PowerShell module for Office 365 and Azure log collection